7.8 CVE-2023-33204

Patch

sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.
https://nvd.nist.gov/vuln/detail/CVE-2023-33204

Categories

CWE-190 : Integer Overflow or Wraparound
An integer overflow or wraparound occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may wrap to become a very small or negative number. While this may be intended behavior in circumstances that rely on wrapping, it can have security consequences if the wrap is unexpected. This is especially the case if the integer overflow can be triggered using user-supplied inputs. This becomes security-critical when the result is used to control looping, make a security decision, or determine the offset or size in behaviors such as memory allocation, copying, concatenation, etc.

References

MISC Patch

https://github.com/sysstat/sysstat/pull/360 Issue Tracking Patch

_MLIST

[debian-lts-announce] 20230527 [SECURITY] [DLA 3434-1] sysstat security update

CPE

cpe	start	end
Configuration 1
cpe:2.3:a:sysstat_project:sysstat::::::::		<= 12.7.2

REMEDIATION

Patch

Url
https://github.com/sysstat/sysstat/pull/360

EXPLOITS

Exploit-db.com

id	description	date
No known exploits

Other (github, ...)

Url
No known exploits

CAPEC

Common Attack Pattern Enumerations and Classifications

id	description	severity
92	Forced Integer Overflow This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code. The first step is exploratory meaning the attacker looks for an integer variable that they can control. The attacker finds an integer variable that they can write into or manipulate and try to get the value of the integer out of the possible range. The integer variable is forced to have a value out of range which set its final value to an unexpected value. The target host acts on the data and unexpected behavior may happen.	High

MITRE

Sherlock® flash

Take a picture of your computer network in a few clicks !

The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.

Discover this offer

Sherlock® flash: 1st instant cybersecurity audit solution